On Sat, Apr 18, 2020 at 11:53:36AM +0200, Paolo Bonzini wrote:
> On 18/04/20 03:55, Sean Christopherson wrote:
> >
> > static inline bool is_unrestricted_guest(struct kvm_vcpu *vcpu)
> > {
> > return enable_unrestricted_guest && (!is_guest_mode(vcpu) ||
> > to_vmx(vcpu)->nested.unrestricted_guest);
> > }
> >
> > Putting the flag in loaded_vmcs might be more performant? My guess is it'd
> > be in the noise, at which point I'd rather have it be clear the override is
> > only possible/necessary for nested guests.
>
> Even better: you can use secondary_exec_controls_get, which does get the
> flag from the loaded_vmcs :) but without actually having to add one.
I keep forgetting we have those shadows. Definitely the best solution.
